using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using System.Collections.Generic;

namespace TagDemo.Api.Controllers
{
    [Authorize]  // 添加授权特性
    public class TagController : Controller
    {
        [Authorize(Roles = "TagViewer,Admin")]  // 指定角色权限
        public IActionResult Index()
        {
            var permission = new TagPermission
            {
                CanView = User.IsInRole("TagViewer"),
                CanEdit = User.IsInRole("TagEditor"),
                IsAdmin = User.IsInRole("Admin")
            };
            
            ViewBag.Permission = permission;
            return View();
        }

        [HttpGet("api/tags")]
        [Authorize(Roles = "TagViewer,Admin")]
        public IActionResult GetTags()
        {
            var tags = new List<TagModel>
            {
                new TagModel { Id = 1, Name = "标签1" },
                new TagModel { Id = 2, Name = "标签2" },
                new TagModel { Id = 3, Name = "标签3" }
            };
            return Ok(tags);
        }
    }
}